<?php
/*
 * hs_hr_employee_workgroup 员工班次表 hs_hr_emp_attendance "考勤记录表"
 * hs_hr_emp_attendance_sp "特殊考勤表" hs_hr_workgroup 员工排版表 hs_hr_users 用户表 Power
 * by kaysonzhang 2012/5/6
 */

require_once ROOT_PATH . '/lib/confs/Conf.php';
require_once ROOT_PATH . '/lib/confs/sysConf.php';
require_once ROOT_PATH . '/lib/dao/DMLFunctions.php';
require_once ROOT_PATH . '/lib/dao/SQLQBuilder.php';

require_once ROOT_PATH . '/lib/models/time/Timesheet.php';
require_once ROOT_PATH . '/lib/models/time/TimeEvent.php';
require_once ROOT_PATH . '/lib/models/time/ProjectReport.php';
require_once ROOT_PATH . '/lib/common/TemplateMerger.php';
require_once ROOT_PATH . '/lib/common/TemplateMerger.php';
require_once LIB_EXTEND_PATH.'MenuDisplay.class.php';

class PowerController extends Base  {
	const POWER_TEMP='/templates/power/';
	private $db;
	private $ctrl;
	public function __construct() {
		$this->db = new DMLFunctions ();
		error_reporting(0);
		$this->ctrl=$_REQUEST['ctrl'];
	}
	public function run($fun) {

	}
	public function giveUserPower() {
//		print_r($_SESSION);

		$search=strval($_REQUEST['keyWord']);
		$department=strval($_REQUEST['department']);
		$myUserId=$_SESSION['user'];
		$whereSql=" where id !='{$myUserId}' ";
		$sql="select * from hs_hr_users ";
		if ($search) {
			$whereSql.=" and  user_name like '%{$search}%'";
		}
		if ($department) {
			$whereSql.=" and  department = '$department'";
		}
		$sql.=$whereSql;
		$query=$this->db->executeQuery($sql);
		$result=$this->db->dbObject->getArrayList($query);
		$records = array ();
		$sql="select Name,Id from hs_hr_role_right ";
		$query=$this->db->executeQuery($sql);
		$powerList=$this->db->dbObject->getArrayList($query,'Id');
		$records['list']=$result;
		$records['powerList']=$powerList;
		$this->outPut(__FUNCTION__,$records);
	}
	public function saveUserPower() {
		$userIds=$_REQUEST['userids'];
		$myUserId=$_SESSION['user'];		
		$role_groupId=intval($_REQUEST['rg_id']);
		if (empty($userIds) || !is_array($userIds) || array_search($userIds,$myUserId)!==false) {
			$this->redirect("对不起，请选择用户再进行操作","?ctrl=".$this->ctrl."&action=giveUserPower");
		}
		$sql="select * from hs_hr_role_right where id ={$role_groupId}";
	 
		$query=$this->db->executeQuery($sql);
		$result=$this->db->dbObject->getOne($query);	
	 	 
		if (empty($result)) {
			$this->redirect("对不起，权限组不存在","?ctrl=".$this->ctrl."&action=giveUserPower");
		}
		$userIdStrs=implode("','",$userIds);
		$userIdStrs="'".$userIdStrs."'";
		$updateSql="update hs_hr_users set role_right_id={$role_groupId} where id in ({$userIdStrs})";
 
		$query=$this->db->executeQuery($updateSql); 
		if ($query) {
			$this->redirect("恭喜你，编辑成功","?ctrl=".$this->ctrl."&action=giveUserPower",false);
		} else {
			$this->redirect("对不起，编辑失败","?ctrl=".$this->ctrl."&action=giveUserPower");
		}
		
	}
	public function showPower() {
		$sql="select * from hs_hr_role_right ";
		$query=$this->db->executeQuery($sql);
		$result=$this->db->dbObject->getArrayList($query);
		$records = array ();
		$records ['configs'] = MenuDisplay::getInstance()->getConfigs();
		$records['list']=$result;
		$this->outPut(__FUNCTION__,$records);
	}
	/**
	 * 添加角色权限
	 *
	 */
	public  function addShow() {
	   $records = array ();
		$records ['configs'] = MenuDisplay::getInstance()->getConfigs();
		$this->outPut(__FUNCTION__,$records);

	}
	public  function addSave() {

		$roleName=strval($_POST['roleName']);
		$sql="select * from hs_hr_role_right where Name ='{$roleName}'";
		$query=$this->db->executeQuery($sql);
		$result=$this->db->dbObject->getOne($query);
		if (!$result) {
			$this->redirect("对不起，分组名字已存中","?ctrl=".$this->ctrl."&action=addShow");
		}
		$time=time();
		$right=serialize($_POST['power']);
		$sql="INSERT INTO `hs_hr_role_right` (`Id`, `Name`, `RightDetail`, `AddTime`) VALUES (null, '{$roleName}', '{$right}', {$time});";
		$this->db->executeQuery($sql);
//		$this->redirect ( "你没有权限", "?ctrl=power" );
		$this->redirect("添加成功","?ctrl=".$this->ctrl."&action=addShow");

	}
	public function editShow() {
		$id=intval($_REQUEST['id']);
//		$id=6;
		$sql="select * from hs_hr_role_right where id ={$id}";
		$query=$this->db->executeQuery($sql);
		$result=$this->db->dbObject->getOne($query);
		$records ['configs'] = MenuDisplay::getInstance()->getConfigs();
		$records['info']=$result;
		$records['info']['RightDetail']=json_encode(unserialize($records['info']['RightDetail']));
//		print_r($result);
		$this->outPut(__FUNCTION__,$records);
	}
	public function editSave() {
		$roleName=strval($_POST['roleName']);
		$time=time();
		print_r($_POST['power']);
//		exit();
		$id=intval($_REQUEST['id']);
		$right=serialize($_POST['power']);
		$sql="update hs_hr_role_right set Name='$roleName',RightDetail='$right' where id ={$id}";
		$query=$this->db->executeQuery($sql);
		$this->redirect("恭喜你，编辑成功","?ctrl=".$this->ctrl."&action=editShow&id={$id}",false);
	}


	private function outPut($fileName,$records) {
		$path = self::POWER_TEMP.$fileName.".php";
		$template = new TemplateMerger ( $records, $path );
		$template->display (); 		//
	}
}
?>